package com.mgg.auth.authentication.openid;

import java.util.HashSet;
import java.util.Set;

import com.mgg.auth.enums.AuthResultEnum;
import com.mgg.auth.exception.AuthenticationCheckException;
import com.mgg.auth.token.OpenIdAuthenticationToken;
import org.apache.commons.collections.CollectionUtils;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.social.connect.UsersConnectionRepository;
import org.springframework.social.security.SocialUserDetailsService;


/**
 * @Author lijun
 * @Date: 2018-09-04 12:00:00
 */
public class OpenIdAuthenticationProvider implements AuthenticationProvider {

	private SocialUserDetailsService userDetailsService;
	
	private UsersConnectionRepository usersConnectionRepository;
	/*
	 * (non-Javadoc)
	 * 
	 * @see org.springframework.security.authentication.AuthenticationProvider#
	 * authenticate(org.springframework.security.core.Authentication)
	 */
	@Override
	public Authentication authenticate(Authentication authentication) throws AuthenticationException {
		OpenIdAuthenticationToken authenticationToken = (OpenIdAuthenticationToken) authentication;
		Set<String> providerUserIds = new HashSet<>();
		providerUserIds.add((String)authenticationToken.getPrincipal());
		Set<String> userIds = usersConnectionRepository.findUserIdsConnectedTo(authenticationToken.getProviderId(), providerUserIds);
		if (CollectionUtils.isEmpty(userIds) || userIds.size() != 1) {
			throw new AuthenticationCheckException(AuthResultEnum.USER_NOT_SINGUP.getCode(),AuthResultEnum.USER_NOT_SINGUP.getMessage());
		}
		
		String userId = userIds.iterator().next();
		UserDetails user;
		try {
			user = userDetailsService.loadUserByUserId(userId);
		} catch (UsernameNotFoundException e) {
			throw new AuthenticationCheckException(AuthResultEnum.USER_LOAD_ERROR.getCode(),AuthResultEnum.USER_LOAD_ERROR.getMessage());
		}
		if (user == null) {
			throw new AuthenticationCheckException(AuthResultEnum.USER_NOT_SINGUP.getCode(),AuthResultEnum.USER_NOT_SINGUP.getMessage());
		}
		
		OpenIdAuthenticationToken authenticationResult = new OpenIdAuthenticationToken(user, user.getAuthorities());
		authenticationResult.setDetails(authenticationToken.getDetails());
		return authenticationResult;
	}

	/*
	 * (non-Javadoc)
	 * 
	 * @see org.springframework.security.authentication.AuthenticationProvider#
	 * supports(java.lang.Class)
	 */
	@Override
	public boolean supports(Class<?> authentication) {
		return OpenIdAuthenticationToken.class.isAssignableFrom(authentication);
	}

	public SocialUserDetailsService getUserDetailsService() {
		return userDetailsService;
	}

	public void setUserDetailsService(SocialUserDetailsService userDetailsService) {
		this.userDetailsService = userDetailsService;
	}
	
	public UsersConnectionRepository getUsersConnectionRepository() {
		return usersConnectionRepository;
	}
	
	public void setUsersConnectionRepository(UsersConnectionRepository usersConnectionRepository) {
		this.usersConnectionRepository = usersConnectionRepository;
	}

}
